sending mail with squirrelmail

Daniel J Walsh dwalsh at redhat.com
Mon Dec 20 14:56:39 UTC 2004


Nathan Lee Reynolds (yibble) wrote:

>On Mon, 2004-12-20 at 12:32 +0000, Nathan Lee Reynolds (yibble) wrote:
>  
>
>>On Mon, 2004-12-20 at 23:03 +1100, Phil Anderson wrote:
>>--snip--
>>    
>>
>>>I think this is a TLS problem - not a squirrelmail problem - take a look 
>>>at the following.  I think sendmail needs access the random number 
>>>generator?  Or am I off track?
>>>      
>>>
>>--snip--
>>
>>I have a fairly default installation of SquirrelMail, and
>>in /etc/squirrelmail/config.php, the default setting for TLS usage is:
>>
>>$use_imap_tls = false;
>>$use_smtp_tls = false;
>>
>>So that might not be the problem.
>>    
>>
>
>Replying to my own post *tsk* These look very suspicious...
>
>Dec 20 12:33:41 wibble kernel: audit(1103546021.943:0): avc:  denied
>{ read append } for  pid=2931 exe=/bin/bash
>path=/var/lib/squirrelmail/prefs/nreynolds.abook dev=dm-0 ino=3046177
>scontext=root:system_r:httpd_sys_script_t
>tcontext=root:object_r:httpd_var_lib_t tclass=file
>  
>
You should relabel /var/lib/squirrelmail
restorecon -R /var/lib/squirrelmail

>Dec 20 12:33:42 wibble kernel: audit(1103546022.264:0): avc:  denied
>{ search } for  pid=2931 exe=/usr/sbin/sendmail.sendmail name=spool
>dev=dm-0 ino=2109446 scontext=root:system_r:httpd_sys_script_t
>tcontext=system_u:object_r:var_spool_t tclass=dir
>
>Dec 20 12:33:42 wibble kernel: audit(1103546022.264:0): avc:  denied
>{ create } for  pid=2931 exe=/usr/sbin/sendmail.sendmail
>scontext=root:system_r:httpd_sys_script_t
>tcontext=root:system_r:httpd_sys_script_t tclass=unix_dgram_socket
>  
>
This is strange because sendmail.sendmail should be running under a 
different context
system_mail_t

>Unfortunately, I'm not aux fait with SELinux, so it's off to do some
>reading for me.
>
>  
>
>------------------------------------------------------------------------
>
>--
>fedora-selinux-list mailing list
>fedora-selinux-list at redhat.com
>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>




More information about the fedora-selinux-list mailing list